So I wanted to temporarily disable Avast to test out this proof-of-concept program http://www.pretentiousname.com/misc/win7_uac_whitelist2.html#boundary
I disable the file system shield but it still scans and flags the file. It says that the File System Shield has blocked a threat… how can it block something if it isn’t even enabled!?
I don’t want to have to uninstall and reinstall just to disable protection for a few seconds
How did you try to disable it?
I went into File System Shield and disabled it. When I found that it was somehow still detecting stuff, I disabled all the shields. When that failed, I added an exclusion for the program not to scan exe files. And yet it still scanned it.
So I uninstalled the program, and reinstalled it - broke the whole system now it takes ages to boot up and Avast doesn’t work at all.
Trying system restore to fix the problem now…
If you still have problems with avast, use http://www.avast.com/uninstall-utility to clean each and every previous versions you ever installed (running the removal utility several times, selecting each version for each run).
Then re-download the latest stable version of avast and install it anew.
Please report back.
Here would be me thinking if I wanted to test a proof-of-concept I would be doing in a VM environment.
If I weren’t doing it in a VM environment, then I would have a robust backup and recovery strategy. e.g. hard disk imaging software, where I would have made a new image before undertaking any such POC test.
You don’t say what the POC was, as it may not have been the file system shield that alerted (you didn’t post a screen shot of the alert window). Right clicking on the avast tray icon and select avast! shields control, Disable for X.
- +1
- +1
I’d call this a ringing endorsement of how good avast! is.
You try to infect your system and avast! wouldn’t let you. ;D
Follow David’s advice if you insist on playing with fire and be happy,
that avast! blocked your original attempt.
Not much to say than the name say’s it all " M4dn3ss " ;D
David,
Here would be me thinking if I wanted to test a proof-of-concept I would be doing in a VM environment.
+1 +1 +1…(and on)
Maybe didn’t know?
EDIT: Hope he’s able to repair and restore w/o having to go the clean install route! BTW, formatting the drive alone may not be enough, either, if as bad as I think it is.
I managed to reinstall Avast properly.
Anyway the file is completely safe obviously you didn’t click the link did you. Besides, I just reinstalled Windows and I won’t mind doing it again but I wasn’t trying to infect myself.
I’ll try the system tray icon right click method of disabling shields but no one has explained why the exceptions list does not work at all; If I try to exclude exe files from a scan it still scans them anyway
obviously you didn't click the link did you.Do what ??? I leave that to people who don't know any better. Maybe my cat walking across the keyboard. ;D
Anyway the file is completely safe obviously you didn't click the link did you. Besides, I just reinstalled Windows and I won't mind doing it again but I wasn't trying to infect myself.
Few of us will disable a security protection program such as Avast! real-time shields just to see what will/could happen; most of us do not have the time nor do we care to have to do a clean reinstall of our os. Why get and install Avast! in the first place, anyway, if you want to do something like this without at least having a disc imaging program before you begin? Or a VM installed? Google page for free imaging software here:
Disabling real-time shields will open our systems to other areas online other than just the file we may be looking at at the moment.
Proof-of-concept here may apply if you wanted to prove Avast! real-time shields work in real-time; evidently you did, as it still seemed to work even when disabled.
Easier and safer way of checking real-time functionality here:
http://www.eicar.org/85-0-Download.html
Glad you got Avast! repaired and running again.
EDIT: See attached below. Is this similar to avast! message box you got the first time?
OMFG it’s got nothing to about reinstalling Windows or making a system image and I already know how to do all of that stuff. It’s not about whether or not the file is safe or not. (Which it is).
I used the tray icon method and it worked fine. Oddly enough, by testing disabling each shield one by one I pinpointed it down to the P2P shield that was blocking it. Dafuq??
I think that most poster misinterpreted the real problem you are posting about (but of course I may be wrong here too).
Could you post an little screenshot of the message you get from avast? It would be enough to show just the message, not the entire screen.
http://img525.imageshack.us/img525/9001/avastz.png
I have to disable each shield for the popup not to appear… I could disable every shield except for one of them, eg IM Shield and it will alert me saying File System Shield detected a virus… odd
(By the way, the test program highlights the flaw with the default UAC setting in Windows 7, and allows you to run a command with administrator priveleges without triggering a UAC alert, by injecting code into a Microsoft process. And the thing is, Avast behaviour shield doesn’t detect anything wrong when the command runs but it should because a virus could do the same… and this is with all the shields enabled after the program is already running in memory)
I believe avast is one of the best antivirus program i have ever seen. I know sometimes you can get alert when is not actually dangerous! So before you disable it thinking that program is not virus, maybe you should reconsider. Take care!